Secure By Design MCQ



1. You are part of a software development team building a hospital management application…

Ans : Control access to sensitive data

2. Match the objectives

a. To ensure application has not deviated…

Ans : Operation readiness review

b. To observe information…

Ans : Conduct continuous monitoring

c. To examine security…

Ans : Final security review

3. You are contracted for designing an e-commerce software application…

Ans : Establish privacy and security requirements

4. Match the objectives

a. Erasing/formatting hard disk…
Ans : Eradication
b. Fresh install of OS…
Ans : Recovery
c. Alerts from anti-virus…
Ans : Identification/Detection
d. Quarantining (disconnecting) infected computers…
Ans : Containment

5. Match the objectives

a. To keep dev teams updated…
Ans : Security training
b. To categorize applications…
Ans : User risk assessment
c. To define minimum security…
Ans : Security quality gates

6. An IT company commissions new software for Human Resources (HR) management…

Ans :
a. Build and execute a disposal/transition plan
b. Sanitize media

7. Match the objectives

a. To ensure security controls…
Ans : Select and document security controls
b. To set security and privacy…
Ans : Establish secure design
c. To understand the risk areas in the approach…
Ans : Attack surface analysis


8. Which of the following changes in Secure SDLC…

Ans : Process change – shift left

9. Bug bounty programs are…

Ans : Threat modeling

10. Match the objectives

a. Scanning source code…
Ans : SAST
b. Scanning a running application…
Ans : DAST
c. Avoiding known coding…
Ans : Version control system
d. Tracking changes…
Ans : Secure coding practices

11. A software development company is reviewing…

Ans : Threat modeling

12. Software for a networking device is written using the C programming language…

Ans :
a. Deprecate unsafe functions
b. Source code scanning using…

13. Following several security breaches…

Ans : Incident response plan

14. Which of the following statements is false?

Ans : Threat modeling involves reviewing…

15. Tampered code…

Ans : Manual secure code reviews

16. In a major data breach, hackers stole payment card data…

Ans : Secure coding trainings were not conducted

17. An organization wants to scan their running application…

Ans : Dynamic Application Security Testing (DAST)

18. A hard disk of the database server…

Ans : Shredding

19. A university hosts its public-facing website…

Ans : The university failed to conduct security coding training

20. WordPress is a popular free and open-source content management…

Ans : The IT must maintain an inventory of all….

